Published in News

SharkBotDropper infiltrated the Google Play Store again

by on07 September 2022

You are going to need a bigger boat

SharkBotDropper trojan has once again infiltrated the Google Play Store, Fox-IT, researchers have warned.

Two additional Android antivirus apps have been found to carry the trojan, which is designed to steal online banking credentials.

The malware has been updated so it does not have to rely on the misuse of an Android device's accessibility permissions to install itself, but is delivered via an update to Mister Phone Cleaner, Kylhavy Mobile Security, NS Android banking trojan

Sharkbot can compromise their private banking details by injecting a fake login page when the official banking app is opened. If this happens, users might see a screen that looks unfamiliar, or at least differs slightly from the normal interface.

SharkBot logd key presses and send them to an external server and intercepts and hides text messages. It can also send out responses to received text and instant messages, spreading the malware via a shortened link.

Sharkbot can let attackers tap remotely into a user’s device, to autofill transaction forms within banking apps and set transfers in motion.

Fortunately it can be killed with a bog standard security scans using a reputable antivirus app for Android,

Last modified on 07 September 2022
Rate this item
(0 votes)

Read more about: